Patch release notes 1908p
Release notes for Vyatta NOS 1908p, released January 27, 2022.
Security vulnerabilities resolved
Security vulnerabilities resolved in release 1908p.
Issue number | CVSS | Advisory | Summary |
---|---|---|---|
VRVDR-56909 | 7.8 | N/A | CVE-2021-4034: policykit-1 – security update |
This patch addresses a local privilege escalation discovered by the Qualys Research Labs. This vulnerability is not exploitable through the admin or operator level accounts if user-isolation is enabled for your system. The user-isolation would have to be bypassed for a successful exploitation. Customers are still advised to apply this update even with user-isolation enabled.